The longer answer is that it's unknown whether it can be done in any reasonable amount of time (even with reasonable being tens of years). You could of course generate all possible text, and eventually stumble upon a text that gives the given MD5 hash, but even then it's not sure whether you got the right one.

Digest::MD5::Reverse uses online DBs which seem to store large amounts of texts and the corresponding MD5 sums.
That is probably the only reasonable way to do this. However, simply appending a random text/date on every text makes this pretty unusable.

The summer 2008 edition of 2600 has an interesting extension of this: using Google (etc.) to search for the hash and find an original text (password). Apparently a lot of people or systems post this information intentionally or inadvertently. In some limited sense, you don't need the reverse function if Google is mapping the forward function.

Blowfish is an encryption algorithm, not a hashing algorithm. It's not an alternative to MD5.

From here on, take what I say with a grain of salt. I'm not sure of everything.

SHA-1 is stronger than MD5, and SHA-256/512 strong still, but all are known or suspected to be broken for the same class of attacks. None are completely broken mind you. They are broken in the cryptographic sense, which means something like "being weaker than they were originally". However, attacks only get better with time.

Furthermore, the only property that is broken is the ability to produce two texts that hash to the same value, not the ability to produce a text that hashes to a given value. That property is important for document signing, but not for password protection.

See Blowfish and check out the section "Blowfish in Practice". I know SuSE linux uses this Blowfish hash for it's passwords, and many distros have advanced options when you install, to select the hashing algorithm to be used. Blowfish is commonly listed. Also google for "blowfish hash".

This will install it regardless of failed tests. Then, read its documentation and post again if you need help.

Update: there's nothing to it, you just pass an MD5 hash represented with ASCII characters ('A5F218'... instead of "\xa5\xf2\x18") to the reverse_md5() function. A simple script that lets you pass hashes from the command line: